Skip to content

Instantly share code, notes, and snippets.

Created April 3, 2015 21:26
What would you like to do?
ApplyProtectionFromCSRF function
// Gist associated with
// ApplyProtectionFromCSRF makes all POST messages check for a csrf_token
func (application *Application) ApplyProtectionFromCSRF(c *web.C, h http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
protected := nosurf.New(h)
failureHandler := func(w http.ResponseWriter, r *http.Request) {
log.Errorf("Possible CSRF attack")
w.Write([]byte("400: Request could not be handled"))
protected.ServeHTTP(w, r)
return http.HandlerFunc(fn)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment